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DETAILED ACTION 
Response to Arguments 

1 . Applicant's arguments filed November 1 3, 2007 have been fully considered but 
they are not persuasive. The arguments with regards to Herrmann not disclosing all the 
limitations of the amended claims is persuasive. However the applicants assertion that 
He does not make up for these deficiencies is not persuasive. He teaches providing the 
user with a ticket to facilitate future access requests (column 2, lines 35-36). Therefor 
Herrmann further in view of He teaches the limitations of the independent claims. 

2. All objections have been withdrawn. 

Information Disclosure Statement 

3. It is noted that an Information Disclosure Statement was filed December 1 1 , 
2007. However not all documents were ready for review at the time of this office action. 
The Information disclosure statement will be included with the next action. 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically 
disclosed or described as set forth in section 1 02 of this title, if the 
differences between the subject matter sought to be patented and the prior 
art are such that the subject matter as a whole would have been obvious at 
the time the invention was made to a person having ordinary skill in the art to 
which said subject matter pertains. Patentability shall not be negatived by 
the manner in which the invention was made. 
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differences between the subject matter sought to be patented and the prior 
art are such that the subject matter as a whole would have been obvious at 
the time the invention was made to a person having ordinary skill in the art to 
which said subject matter pertains. Patentability shall not be negatived by 
the manner in which the invention was made. 

5. The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1 , 148 
USPQ 459 (1966), that are applied for establishing a background for determining 
obviousness under 35 U.S.C. 103(a) are summarized as follows: 

6. Determining the scope and contents of the prior art. 

7. Ascertaining the differences between the prior art and the claims at issue. 

8. Resolving the level of ordinary skill in the pertinent art. 

9. Considering objective evidence present in the application indicating obviousness 
or nonobviousness. 

10. Claims 1 - 3, 7, 10 - 14, 18, 23, 24, 28 and 29 are rejected under 35 
U.S.C. 103(a) as being unpatentable over Herrmann, and further in view of He. 

11. Referring to claim 1 , Herrmann teaches: 

a. A client seeking access to a network (page 7, paragraph 63). 

b. A policy server that performs checks to confirm the client meets with 
applicable rules (page 8, paragraph 69). 

c. An Integrity Gateway (IGW) server that allows access to those with the 
appropriate configuration and denies access to those without it (page 8, 
paragraph 67). 

12. Herrmann does not explicitly disclose providing proof to the client if the manifests 
were passed. However, He discloses providing a general ticket to the user for verifying 
user credentials and then using that ticket to access resources (column 2, lines 35-46). 
Herrmann and He are analogous art because they are from the same field of endeavor, 
security management. At the time of the invention, it would have been obvious to one of 
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ordinary skill in the art, having the.teachings of Herrmann and He before him or her, to 
modify the manifests of checks of Herrmann to include providing a ticket of He. The 
suggestion/motivation for doing so would have been to facilitate future requests without 
re-verifying user credentials (column 2, lines 35-41 ). 

1 3. Referring to claim 2, Herrmann teaches checking for installed virus software 
(page 8, paragraph 68). 

14. Referring to claim 3, Herrmann teaches that delegates on the client computer 
perform the security checks (page 11-12, paragraph 94). 

1 5. Referring to claim 7, Herrmann teaches that the client is directed to the second 
server after the checks are failed (page 12, paragraph 96). 

16. Referring to claim 10, Herrmann teaches that after an inventory of software 
(security policy check), that the server redirects the client to a website to download the 
appropriate fix (page 10, paragraph 79). 

17. Referring to claim 1 1 , Herrmann teaches that the policy server acts as a 
mediator between the client and the second server (figure 4) and acts as a firewall for 
the IGW (page 8, paragraph 69). 

18. Referring to claim 12, Herrmann teaches that the first and second server can be 
part of the same computing device (page 8, paragraph 69). 

19. Referring to claim 13, Herrmann teaches: 

d. Receiving a manifest of checks from the policy server that determine a 
configuration (page 11, paragraph 94). 
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e. Performing the checks and forwarding the results to the policy server 
(pages 11-12, paragraph 94). 

f. The client connects to the NAS to request access (page 7, paragraph 63) 
which forwards the request to the IGW server (page 8, paragraph 66). 

g. The client's proof of configuration is forwarded through the first server to 
the second server (page 12, paragraph 95). 

20. Herrmann does not explicitly disclose receiving proof at the client of the required 
configuration and passing the proof onto the second server. However, He discloses 
providing a general ticket to the user for verifying user credentials and then using that 
ticket to access resources (column 2, lines 35-46). Herrmann and He are analogous art 
because they are from the same field of endeavor, security management. At the time of 
the invention, it would have been obvious to one of ordinary skill in the art, having the 
teachings of Herrmann and He before him or her, to modify the manifests of checks of 
Herrmann to include providing a ticket of He. The suggestion/motivation for doing so 
would have been to facilitate future requests without re-verifying user credentials 
(column 2, lines 35-41). 

21. Referring to claim 14, Herrmann teaches: 

h. Receiving a request for software inventory from the first server (page 8, 
paragraph 68). 

i. Receiving the software necessary and installing it (page 10, paragraph 

79). 
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22. Referring to claim 18, Herrmann teaches that the first and second server can be 
part of the same computing device (page 8, paragraph 69). 

23. Referring to claim 23, Herrmann teaches: 

j. Receiving request to access a network resource at the first server (page 1, 
paragraph 63). 

k. Receiving at the first server proof of a required configuration (page 12, 
paragraph 95). 

I. If the proof is valid, access is permitted, if invalid then access is denied 
(page 12, paragraph 97). 

24. Herrmann does not explicitly disclose validating the proof by comparing the proof 
with information from the trusted server. However, He discloses providing a ticket that is 
validated that it is the correct ticket by comparing the checksums (column 18, lines 13- 
47). Herrmann and He are analogous art because they are from the same field of 
endeavor, security management. At the time of the invention, it would have been 
obvious to one of ordinary skill in the art, having the teachings of Herrmann and He 
before him or her, to modify the manifests of checks of Herrmann to include providing a 
ticket of He. The suggestion/motivation for doing so would have been to facilitate future 
requests without re-verifying user credentials (column 2, lines 35-41). 

25. Referring to claim 24, if the proof is invalid the client is directed to download the 
appropriate fix to the problem (page 12, paragraph 97). 

26. Referring to claim 28, Herrmann teaches: 



Application/Control Number: Page 7 

1*0/823,686 

Art Unit: 2132 

m. Receiving a manifest of checks from a first server, wherein the checks 
determine whether the client possesses a required configuration of installed 
software (page 8, paragraph 69). 

n. Performing the checks in the manifest of checks and sending the results of 
the checks to the first server (pages 11-112, paragraph 94). 

27. Herrmann does not explicitly disclose receiving proof at the client, requesting 
access at a second server, providing proof to that second server and periodically 
updating that proof regardless of further requests for access to the network resources. 
However, He discloses: 

o. Receiving proof at the client (column 2, lines 35-36). 

p. Requesting access to a network resource and providing proof of the 

required configuration to the second server (column 2, lines 36-38). 

q. Periodically updating the ticket regardless of further requests for access 

(column 18, lines 12-14). The ticket is provided to the user every time he 

validates to the authentication server whether or not he is requesting access to 

the network element. 

28. Herrmann and He are analogous art because they are from the same field of 
endeavor, security management. At the time of the invention, it would have been 
obvious to one of ordinary skill in the art, having the teachings of Herrmann and He 
before him or her, to modify the manifests of checks of Herrmann to include providing a 
ticket and using it to access the resources of He. The suggestion/motivation for doing so 
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would have been to facilitate future requests without re-verifying user credentials 
(column 2, lines 35-41). 

29. Referring to claim 29, Herrmann teaches: 

r. Receiving a manifest of checks from a first server, wherein the checks 
determine whether the client possesses a required configuration of installed 
software (page 8, paragraph 69). 

s Performing the checks in the manifest of checks and sending the results of 
the checks to the first server (pages 11-112, paragraph 94). 

30. Herrmann does not explicitly disclose receiving proof at the client, requesting 
access at a second server, validating the proof, updating the proof, and then providing 
proof to that second server. However, He discloses: 

t. Receiving and storing proof at the client (column 2, lines 35-36). 

u. Requesting access to a network resource at a second server (column 2, 

lines 36-38). 

v. Validating the proof (column 18, lines 42-46). 

w. If the proof is no longer valid, updating the proof (column 1 8, lines 42-46, 
column 2, lines 9-23). If the ticket is not correct then the user returns to the 
authentication server to get an updated correct ticket, 
x. Providing proof to the second server (column 2, lines 36-38). 

31 . Herrmann and He are analogous art because they are from the same field of 
endeavor, security management. At the time of the invention, it would have been 
obvious to one of ordinary skill in the art, having the teachings of Herrmann and He 
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before him or her, to modify the manifests of checks of Herrmann to include providing a 
ticket and using the ticket to access the resources of He. The suggestion/motivation for 
doing so would have been to facilitate future requests without re-verifying user 
credentials (column 2, lines 35-41). 

32. Claims 4, 5, 8, 9, 15- 17, 23, 25 and 26 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Herrmann in view of He and further in view of Yoko Saito et 
al's US Patent 6,275,941. Referring to claims 4, 5, 15, 16, and 25 Herrmann in view of 
He discloses all the limitations of the parent claims and the passing of the response 
back to the server (Herrmann, page 12, paragraph 94). Herrmann in view of He does 
not appear to explicitly disclose issuing a certificate and storing it in a database. 
However, Saito discloses: 

y. Issuing a certificate to the client (column 5, lines 21-22), 

z. Passing the certificate to the server for authentication (column 7, lines 21- 

23), 

aa. Comparing the certificate to the original (column 7, lines 33-35). While it 
does not explicitly disclose that the certificate is stored, it is inherent from the 
ability to compare it to the original. 

33. Steps n and p above teach claim 4. Steps o and p above teach claim 5. Step n 
above teaches claim 15. Step o above teaches claim 16. Step n teaches claim 25. 

34. Herrmann in view of He and Saito are analogous art because they are from the 
same field of endeavor, security management. At the time of the invention, it would 
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have been obvious to one of ordinary skill in the art, having the teachings of Herrmann 
in view of He and Saito before him or her, to modify Herrmann in view of He to include 
certificates and storage of Saito. The motivation for doing so would have been that you 
can use single sign on (column 1 , lines 50-51 ). 

35. Referring to claims 8, 9, 17, and 26 Herrmann in view of He discloses all the 
limitations of the parent claim as well as storing a unique identifier for the user (He, 
column 16, lines 28-29). Herrmann in view of He does not appear to explicitly disclose 
issuing a certificate, and storing it in a database and using a unique identifier to identify 
the storage. However, Saito teaches: 

bb. Issuing a certificate to the client (column 5, lines 21-22), 

cc. Passing the certificate to the server for authentication (column 7, lines 21- 

23), 

dd. Comparing the certificate to the original (column 7, lines 33-35). While it 
does not explicitly disclose that the certificate is stored, it is inherent from the 
ability to compare it to the original. 

ee. Storing the certificate in a second database as well (column 8, lines 53- 
54). 

36. Steps q, and t teach claim 8. Steps q, s, and t teach claim 9. Step s is executed 
using the unique identifier of He teaches claims 17 and 26. 

37. Herrmann in view of He and Saito are analogous art because they are from the 
same field of endeavor, security management. At the time of the invention, it would 
have been obvious to one of ordinary skill in the art, having the teachings of Herrmann 
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in view of He and Saito before him or her, to modify Herrmann in view of He to include 
certificates and storage of Saito. The motivation for doing so would have been that you 
can use single sign on (column 1, lines 50-51). 

Conclusion 

38. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .1 36(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Cordelia Kane whose telephone number is 571-272- 
7771. The examiner can normally be reached on Monday - Thursday 8:00 - 5:00 EST. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



(J* 




Cordelia Kane 
Patent Examiner 
Art Unit 2132 
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